Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/R6aZNL6yp_iV8V2pdjC5MVGA7Fo.roa
File: R6aZNL6yp_iV8V2pdjC5MVGA7Fo.roa (raw, json)
Hash identifier: lrWyZICI2q6ZweXt4p0+CUcka2SSmlmzvDbiyAWO9ZE=
Subject key identifier: 47:A6:99:34:BE:B2:A7:F8:95:F1:5D:A9:76:30:B9:31:51:80:EC:5A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C7DCD76150D99D2809DCCF559F0FC8267
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/R6aZNL6yp_iV8V2pdjC5MVGA7Fo.roa
Signing time: Mon 18 Dec 2023 16:41:06 +0000
ROA not before: Mon 18 Dec 2023 16:41:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 203.0.9.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
103.212.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Dec 2023 17:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:cd:76:15:0d:99:d2:80:9d:cc:f5:59:f0:fc:82:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 18 16:41:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47a69934beb2a7f895f15da97630b9315180ec5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7a:02:05:b9:1a:fc:ac:95:59:9e:a8:7f:6f:
10:8c:24:67:a4:e6:a4:c1:7a:d5:d5:72:aa:d5:05:
fd:d2:cc:d6:38:c4:6a:ad:2c:7a:10:8b:06:86:4f:
f4:b9:76:7a:3e:58:35:43:65:48:22:b7:ff:9e:c5:
30:ea:eb:09:e3:ad:68:c6:68:4c:c8:12:b5:18:57:
8b:7a:f2:6d:f3:48:1f:46:f6:cd:eb:ff:e7:ba:15:
bf:4d:bd:0e:81:ea:e5:86:f0:02:5f:9a:6f:a9:98:
5c:f4:61:f7:a9:a0:e9:f7:44:61:31:5c:6b:7e:c4:
67:44:7b:3d:8b:c7:28:5a:92:09:5b:09:8c:8c:75:
68:7b:75:f6:d3:24:b8:2d:8c:a0:86:d8:c3:65:18:
68:ec:94:85:56:85:5a:d7:d1:9b:4e:a9:ac:a7:20:
d1:5c:62:b4:94:ca:4a:2d:4d:3d:49:d1:59:f6:b4:
45:8c:2e:83:7b:69:cf:a8:5b:04:fe:13:42:b5:4e:
ff:dd:76:0d:27:16:2f:22:38:c9:bd:2d:e5:31:57:
f4:c7:fb:d7:f7:39:c3:8b:1a:ec:3a:72:5d:1e:bc:
7b:0b:5f:f5:ae:15:8f:2e:c9:00:9b:0e:ee:8e:d7:
b5:80:b4:32:a3:aa:43:bc:3b:b0:4e:22:5f:36:f3:
1b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A6:99:34:BE:B2:A7:F8:95:F1:5D:A9:76:30:B9:31:51:80:EC:5A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/R6aZNL6yp_iV8V2pdjC5MVGA7Fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.212.81.0/24
203.0.8.0/23
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e8:85:cf:6b:55:c6:e7:e6:94:fd:f5:ae:46:fd:98:5c:e7:
21:df:db:48:df:ff:89:3e:c9:44:a0:ce:22:85:96:ac:8d:53:
fd:99:a3:53:49:fb:40:55:ea:72:68:be:bd:ae:32:fe:73:4d:
ae:9c:d3:ee:ff:fa:d8:8b:0e:bc:44:98:9a:52:81:17:d7:b6:
dc:a4:30:e3:f4:c4:49:12:0e:65:2e:a0:ed:67:f8:7d:52:96:
a2:5d:60:72:93:5f:3d:36:4a:56:67:fb:a0:cc:49:83:e8:74:
a9:b5:a4:1b:36:78:5f:ed:ea:ba:e0:b5:9f:97:60:c1:5e:20:
19:25:b7:95:e8:6e:2f:2d:fc:c7:e0:fe:b3:54:cc:e8:4a:f1:
28:d0:60:50:1f:db:b0:4a:75:e0:32:a5:77:66:c9:8e:e4:1f:
86:de:c0:71:b0:ea:c9:c3:b3:77:a0:2b:0a:45:bd:76:bf:f4:
57:92:b5:9d:02:33:66:6a:80:f9:b0:b2:c7:6c:e9:31:86:60:
04:eb:cb:9a:68:93:eb:ae:28:ed:e1:b2:bb:a7:cb:f2:ad:12:
6a:f6:17:06:35:fd:f1:dc:49:4b:12:1d:8a:c7:0f:fa:73:12:
69:f7:4e:7a:ab:26:39:2f:5b:f9:9a:15:23:5b:5b:c7:b6:a9:
35:43:ee:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx9zXYVDZnSgJ3M9Vnw/IJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjE4MTY0MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2E2OTkzNGJlYjJhN2Y4OTVmMTVkYTk3NjMwYjkzMTUxODBlYzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXoCBbka/KyVWZ6of28QjCRnpOak
wXrV1XKq1QX90szWOMRqrSx6EIsGhk/0uXZ6Plg1Q2VIIrf/nsUw6usJ461oxmhM
yBK1GFeLevJt80gfRvbN6//nuhW/Tb0OgerlhvACX5pvqZhc9GH3qaDp90RhMVxr
fsRnRHs9i8coWpIJWwmMjHVoe3X20yS4LYyghtjDZRho7JSFVoVa19GbTqmspyDR
XGK0lMpKLU09SdFZ9rRFjC6De2nPqFsE/hNCtU7/3XYNJxYvIjjJvS3lMVf0x/vX
9znDixrsOnJdHrx7C1/1rhWPLskAmw7ujte1gLQyo6pDvDuwTiJfNvMbuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEemmTS+sqf4lfFdqXYwuTFRgOxaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUjZhWk5MNnlwX2lWOFYycGRqQzVNVkdBN0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAZ9RRAwQB
ywAIAwQA3xtyMA0GCSqGSIb3DQEBCwUAA4IBAQAV6IXPa1XG5+aU/fWuRv2YXOch
39tI3/+JPslEoM4ihZasjVP9maNTSftAVepyaL69rjL+c02unNPu//rYiw68RJia
UoEX17bcpDDj9MRJEg5lLqDtZ/h9UpaiXWByk189NkpWZ/ugzEmD6HSptaQbNnhf
7eq64LWfl2DBXiAZJbeV6G4vLfzH4P6zVMzoSvEo0GBQH9uwSnXgMqV3ZsmO5B+G
3sBxsOrJw7N3oCsKRb12v/RXkrWdAjNmaoD5sLLHbOkxhmAE68uaaJPrrijt4bK7
p8vyrRJq9hcGNf3x3ElLEh2Kxw/6cxJp9056qyY5L1v5mhUjW1vHtqk1Q+5b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org